Bug 986401
| Summary: | cracklib-check doesn't recognize dictionary words as based on wordlist | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Hubert Kario <hkario> |
| Component: | cracklib | Assignee: | Tomas Mraz <tmraz> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Hubert Kario <hkario> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.0 | CC: | nalin |
| Target Milestone: | beta | Keywords: | Regression |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | cracklib-2.9.0-7.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 964118 | Environment: | |
| Last Closed: | 2014-06-13 09:59:26 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 964118, 1652918 | ||
| Bug Blocks: | |||
|
Description
Hubert Kario
2013-07-19 16:38:17 UTC
If the dictionary is made of random words, cracklib-check in many cases doesn't recognize more than half of the input words:
for i in `seq 1 34`; do
echo -n > wordlist
for j in `seq 1 20`; do
tr -cd '[:alpha:]' < /dev/urandom | dd bs=1 count=$i 2>/dev/null >> wordlist
echo >> wordlist
done
create-cracklib-dict wordlist > /dev/null
cracklib-check < wordlist | grep ': OK' | wc -l
done
Actual results:
0
0
0
0
0
11
12
14
12
12
9
12
11
14
11
9
17
14
10
13
10
12
11
12
16
11
8
16
11
11
10
7
7
20
Expected results:
all 0
Words with punctuation are now ignored: cracklib-2.9.0-5.el7.x86_64 [root@rhel7-64 test]# create-cracklib-dict /usr/share/dict/words 454695 454695 [root@rhel7-64 test]# cat /usr/share/dict/words | cracklib-check | grep ': OK' 2,4,5-t: OK Aaron's-beard: OK Adam's-needle: OK adder's-grass: OK adder's-meat: OK adder's-mouth: OK adder's-mouths: OK adder's-tongue: OK Alpes-de-Haute-Provence: OK A.M.D.G.: OK angel's-trumpet: OK A.R.C.S.: OK A.W.O.L.: OK babies'-breath: OK baby's-breath: OK baby's-slippers: OK bachelor's-button: OK bachelor's-buttons: OK bats-in-the-belfry: OK bear's-breech: OK bear's-ear: OK bear's-foot: OK bear's-foots: OK bear's-paw: OK beggar's-lice: OK beggar's-tick: OK beggar's-ticks: OK bicycle-built-for-two: OK bird-in-the-bush: OK bird's-eye: OK bird's-eyes: OK bird's-foot: OK bird's-foots: OK birds-in-the-bush: OK bird's-nest: OK bishop's-cap: OK bishop's-weed: OK blind-man's-buff: OK blown-in-the-bottle: OK bras-dessus-bras-dessous: OK B.R.C.S.: OK bred-in-the-bone: OK buck's-horn: OK bullock's-heart: OK bull's-eye: OK bull's-eyed: OK bull's-eyes: OK butcher's-broom: OK ca'ing-whale: OK calf's-foot: OK camel's-hair: OK catch-as-catch-can: OK ca'-thro': OK cat-o'-mountain: OK cat-o'-nine-tails: OK cat-o-nine-tails: OK cat's-claw: OK cat's-cradle: OK cat's-ear: OK cat's-eye: OK cat's-eyes: OK cat's-feet: OK cat's-foot: OK cat's-head: OK cat's-paw: OK cat's-tail: OK chef-d': OK chef-d'oeuvre: OK chefs-d'oeuvre: OK Ching-t'u: OK Ch'ing-yan: OK Christ's-thorn: OK christ's-thorn: OK chuck-will's-widow: OK cock-a-doodle-doo: OK cock-a-doodle--dooed: OK cock-a-doodle--dooing: OK cock-a-doodle-doos: OK cock-and-bull-story: OK cock-of-the-rock: OK cock's-comb: OK cock's-foot: OK cock's-head: OK cocks-of-the-rock: OK colt's-tail: OK cooper's-wood: OK crane's-bill: OK crow's-feet: OK crow's-foot: OK crow's-nest: OK cupid's-bow: OK Cupid's-dart: OK dai-sho-no-soroimono: OK dame's-violet: OK danes'-blood: OK day's-work: OK death's-face: OK death's-head: OK death's-herb: OK deer's-tongue: OK devil-in-the-bush: OK devil's-bit: OK devil's-bones: OK devil's-ivy: OK devil's-pincushion: OK devil's-tongue: OK devil's-walking-stick: OK dhu'l-hijja: OK dhu'l-qa'dah: OK dog-in-the-manger: OK dog's-bane: OK dog's-ear: OK dog's-eared: OK dog's-meat: OK dog's-tail: OK dog's-tongue: OK dog's-tooth: OK down-at-the-heel: OK down-at-the-heels: OK down-in-the-mouth: OK dragon's-tongue: OK Dutchman's-breeches: OK Dutchman's-pipe: OK dyed-in-the-wool: OK dyer's-broom: OK dyer's-greenweed: OK dyer's-weed: OK elephant's-ear: OK elephant's-foot: OK elephant's-foots: OK first-past-the-post: OK flame-of-the-forest: OK flame-of-the-woods: OK flames-of-the-woods: OK flower-of-an-hour: OK fo'c's'le: OK fool's-cap: OK fool's-parsley: OK fore-and-aft-rigged: OK four-o'clock: OK frog's-bit: OK get-up-and-get: OK get-up-and-go: OK gill-over-the-ground: OK glory-of-the-snow: OK glory-of-the-snows: OK glory-of-the-sun: OK glory-of-the-suns: OK go-as-you-please: OK goat's-beard: OK goat's-rue: OK god's-penny: OK hail-fellow-well-met: OK hair's-breadth: OK hallow-e'en: OK hand's-breadth: OK hare's-ear: OK hare's-foot: OK hart's-tongue: OK hawk's-beard: OK hawk's-bell: OK hawk's-bill: OK hawk's-eye: OK heart's-ease: OK hen's-foot: OK Hercules'-club: OK hercules'-club: OK herd's-grass: OK heron's-bill: OK hide-and-go-seek: OK high-muck-a-muck: OK hog's-back: OK hop-o'-my-thumb: OK hop-o-my-thumb: OK hound's-tongue: OK hound's-tooth: OK how-do-ye-do: OK how-do-you-do: OK how-d'ye-do: OK huntsman's-cup: OK hunt's-up: OK inter-'varsity: OK Ithuriel's-spear: OK jack-at-a-pinch: OK jack-by-the-hedge: OK Jack-go-to-bed-at-noon: OK jack-in-a-box: OK jack-in-a-boxes: OK jack-in-the-box: OK jack-in-the-boxes: OK jack-in-the-green: OK jack-in-the-pulpit: OK jack-in-the-pulpits: OK jack-of-all-trades: OK jack-o'-lantern: OK jacks-of-all-trades: OK Jacob's-ladder: OK jaw's-harp: OK jew's-ear: OK jew's-harp: OK Job's-tears: OK Johnny-on-the-spot: OK johnny-on-the-spot: OK Josephine's-lily: OK Joseph's-coat: OK Jupiter's-beard: OK K'ang-te: OK K.C.M.G.: OK K.C.V.O.: OK king-of-the-herrings: OK king-of-the-salmon: OK knight's-spur: OK knock-down-and-drag: OK knock-down-and-drag-out: OK knock-down-drag-out: OK ladies-of-the-night: OK ladies'-tobacco: OK ladies'-tobaccoes: OK ladies'-tobaccos: OK lady-of-the-night: OK lady's-eardrop: OK lady's-mantle: OK lady's-slipper: OK lady's-smock: OK lady's-thistle: OK lady's-thumb: OK lady's-tresses: OK lamb's-quarters: OK lamb's-wool: OK leg-o'-mutton: OK leopard's-bane: OK light-o'-love: OK light-o'love: OK lizard's-tail: OK love-in-a-mist: OK maiden's-tears: OK maiden's-wreath: OK maiden's-wreaths: OK man-of-the-earths: OK man-o'-war: OK mare's-nest: OK mare's-tail: OK men-of-the-earth: OK Mentor-on-the-Lake-Village: OK middle-of-the-road: OK middle-of-the-roader: OK miller's-thumb: OK mind-your-own-business: OK money's-worth: OK monk's-hood: OK ne'er-dos: OK ne'er-do-well: OK Nero's-crown: OK never-to-be-equaled: OK nievie-nievie-nick-nack: OK no-deposit-no-return: OK no-man's-land: OK nor'-west: OK nor'-wester: OK old-man's-beard: OK on-again-off-again: OK one-and-a-half: OK out-of-the-common: OK out-of-the-way: OK out-of-the-world: OK owl's-crown: OK parrot's-bill: OK parrot's-feather: OK pay-as-you-go: OK P'eng-hu: OK pheasant's-eye: OK pheasant's-eyes: OK pigeon's-neck: OK pneumonoultramicroscopicsilicovolcanoconiosis: OK prince's-feather: OK prince's-pine: OK queen-of-the-meadow: OK queen-of-the-prairie: OK Queen's-flower: OK rabbit's-foot: OK ram's-horn: OK rat's-tail: OK R.C.A.F.: OK R.C.M.P.: OK R.I.B.A.: OK rock-'n'-roll: OK roll-on/roll-off: OK R.S.V.P.: OK run-of-the-mill: OK run-of-the-mine: OK sailor's-choice: OK saint-john's-wort: OK Saint-Maur-des-Foss: OK sea-otter's-cabbage: OK sheep's-bit: OK shepherd's-purse: OK shepherd's-scabious: OK shoot-'em-up: OK shove-ha'penny: OK snake's-head: OK snow-on-the-mountain: OK sou'-west: OK spur-off-the-moment: OK spur-of-the-moment: OK squirrel's-ear: OK state-of-the-art: OK stick-at-it-ive: OK stick-in-the-mud: OK stick-to-it-iveness: OK stork's-bill: OK straight-from-the-shoulder: OK straight-up-and-down: OK Sunday-go-to-meeting: OK sunday-go-to-meeting: OK Sunday-go-to-meetings: OK swan's-down: OK tailor's-tack: OK tam-o'-shanter: OK tam-o'shanter: OK thank-you-ma'am: OK theater-in-the-round: OK theatre-in-the-round: OK three-and-a-halfpenny: OK tiger's-eye: OK Tir-na-n'Og: OK tishah-b'ab: OK toad-in-the-hole: OK toad's-mouth: OK tol-lol-de-rol: OK Tom-come-tickle-me: OK toper's-plant: OK touch-me-not-ish: OK traveler's-joy: OK traveler's-tree: OK trick-o-the-loop: OK Turk's-head: OK 'tween-decks: OK twelve-o'clock: OK two-for-a-cent: OK two-for-a-penny: OK un-come-at-able: OK un-come-at-ableness: OK un-come-at-ably: OK un-get-at-able: OK un-get-at-ableness: OK up-to-the-minute: OK Val-d'Oise: OK va-t'-en: OK Venus's-flytrap: OK venus's-flytrap: OK Venus's-girdle: OK Venus's-hair: OK virgin's-bower: OK wag-on-the-wall: OK W.C.T.U.: OK what-do-you-call-it: OK what-d'ye-call-'em: OK what-d'ye-call-it: OK what-d'you-call-it: OK what's-her-name: OK what's-his-face: OK what's-his-name: OK what's-its-name: OK what-you-call-it: OK what-you-may-call-'em: OK what-you-may--call-it: OK widow's-cross: OK will-o'-the-wisp: OK will-o-the-wisp: OK willo'-the-wispish: OK willo'-the-wispy: OK will-with-the-wisp: OK witches'-besom: OK witches'-broom: OK wolf's-bane: OK wolf's-head: OK Wu-lu-mu-ch'i: OK Y.M.C.A.: OK Y.M.H.A.: OK Y.W.C.A.: OK Y.W.H.A.: OK That's actually problem in cracklib-format script as called by create-cracklib-dict. The punctuation is removed from the created dictionary, but we do not ignore all punctuation now when checking for the dictionary match. (bug 985378) I'll change the cracklib-format script and eagerly await what regresses next. :) yes, I meant ignored by create-cracklib-dict, not by cracklib-check This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |